SB20240813119 - Multiple vulnerabilities in Microsoft Windows Kernel
Published: August 13, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Improper Neutralization of Special Elements (CVE-ID: CVE-2024-38133)
CWE-ID: CWE-138 - Improper Neutralization of Special Elements
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper neutralization of special elements in Windows Kernel, which leads to security restrictions bypass and privilege escalation.
2) Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-ID: CVE-2024-38153)
CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition in Windows Kernel. A local user can gain elevated privileges on the target system.
3) Out-of-bounds read (CVE-ID: CVE-2024-38151)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Windows Kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
Remediation
Install update from vendor's website.